摘要
移动IP技术的出现使移动用户在Internet的海洋里自由翱翔。为了安全起见,企业和家庭网络都采用防火墙安全策略。在没有取得授权的情况下,移动用户无法访问企业或家庭的网络,一定程度限制了移动用户对网络资源的获取。本文提出一套基于外部代理的移动IP安全穿越防火墙的解决方案,方案设置一个移动节点,该节点可以从外部代理中获得一个授权地址,通过该地址实现与其家乡代理和通信对端的通信,在不修改协议和网络实体的情况下,利用IPSec协议实现防火墙的安全穿越和端到端的安全通信。
Mobile IP can enable mobile users to enjoy seamless roaming in the world of Internet. In view of security enterprise and home networks are firewall protected, mobile users can not access their home networks without successful authentication so that mobile users can not access the resource. In this paper we present a schema based on foreign agent which can traverse firewall. In this shema a mobile node away from home obtains a care-of address from a foreign agent and communicates with its home agent and correspondent node that are both behind the firewall of the home network. Our solution can achieve successful firewall traversal as well as end-to-end security by applying IPsec mechanisms on network entities. It does not require any modification of protocols and network entities.
出处
《柳州职业技术学院学报》
2007年第2期107-111,共5页
Journal of Liuzhou Vocational & Technical College
